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DETAILED ACTION 
EXAMINER'S AMENDMENT 

1. An examiner's amendment to the record appears below. Should the changes 
and/or additions be unacceptable to applicant, an amendment may be filed as provided 
by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be 
submitted no later than the payment of the issue fee. 

2. Authorization for this examiner's amendment was given in a telephone interview 
with the applicant representative, Mr. Rook David (Registration No. 40,790) on July 1, 
2008. Mr. Rook has agreed and authorized examiner to amend claims 1, 9, 10 and 
cancel claim 5 to over come the deficiencies (distinguish over the prior arts of record). 

CLAIMS: 

a. Referring to claim 1 : 

Please replace claim 1 as follows: 
A computerized method for protecting an identifier of a subscriber, during 
data transfer between a service provider and a content provider, when said subscriber 
sends a request to said service provider to obtain data belonging to said content 
provider, said computerized method comprising: 

executing on at least one computer the steps including: 

upon reception of said subscriber request by said service provider for 
each new subscriber session: 
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dynamically generating for each new session an encrypted token 
using said identifier of said subscriber, wherein a lifetime of the encrypted 
token is a user session lifetime, the generating using one of a symmetric 
and asymmetric encryption algorithm comprising: 
determining a separator (S); 
determining a time varying value (T); 
concatenating the subscriber identifier with T in a string such 
that the subscriber identifier and T are separated with S; 

encrypting the string with one of a symmetric and 
asymmetric encryption algorithm; and, 

transmitting said subscriber request and said encrypted 
token to said content provider; 
upon reception by said service provider of a Simple Object Access 
Protocol (SOAP) certification request comprising an encrypted token, sent by 
said content provider: 

extracting said encrypted token from said SOAP certification 
request, wherein the encrypted token is in one of the SOAP body and a 
predefined SOAP header; 

decrypting said extracted encrypted token to d e t e rm i n e sa i d 
subscr i ber i dont i f i or using a decryption algorithm corresponding to the 
encryption algorithm; 

retrieving the subscriber identifier using the separator; 
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checking said determined subscriber identifier; and, 
transmitting a success or failure indication to said content provider 
in a SOAP response to said certification request; 

upon reception of said data belonging to said content provider by said 
service provider, transmitting said data belonging to said content provider to said 
subscriber; m4 

memorizing said encrypted token so that it can be reused during the user 
session lifetime without having to be recomputed ; and 

formatting said data belonging to said content provider in a format suitable 
and usable by the subscriber . 

b. Referring to claim 5 : 
Please cancel claim 5. 

c. Referring to claim 9 : 

Please replace claim 9 as follows: 

An apparatus for protecting an identifier of a subscriber, during data 
transfer between a service provider and a content provider, when said subscriber sends 
a request to said service provider to obtain data belonging to said content provider 
comprising: 

at least one computer including: 
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a system for dynamically generating for each new session an encrypted 
token using said identifier of said subscriber, wherein a lifetime of the encrypted 
token is a user session lifetime, the generating system using one of a symmetric 
and asymmetric encryption algorithm comprising: 

determining a separator (S); 

determining a time varying value (T); 

concatenating the subscriber identifier with T in a string such that 
the subscriber identifier and T are separated with S; 

encrypting the string with one of a symmetric and asymmetric 
encryption algorithm; and, 

transmitting said subscriber request and said encrypted token to 
said content provider; 

a system for extracting said encrypted token from said SOAP certification 
request, wherein the encrypted token is in one of the SOAP body and a 
predefined SOAP header; 

a system for decrypting said extracted encrypted token to dotorm i no sa i d 
subscr i b e r i d e nt i f ie r using a decryption algorithm corresponding to the encryption 
algorithm; 

a system for retrieving the subscriber identifier using the separator; 
a system for checking said determined subscriber identifier; and, 
a system for transmitting a success or failure indication to said content 
provider in a SOAP response to said certification request; 



Application/Control Number: 1 0/681 ,613 Page 6 

Art Unit: 2135 

a system for transmitting said data belonging to said content provider to 
said subscriber; and 

a system for memorizing said encrypted token so that it can be reused 
during the user session lifetime without having to be recomputed : and 

a system for formatting said data belonging to said content provider in a 
format suitable and usable by the subscriber . 

d. Referring to claim 10 : 

Please replace claim 10 as follows: 

A computer program product comprising program code stored on a 
computer readable medium, which when executed, enables a computer system to 
implement a method for protecting an identifier of a subscriber, during data transfer 
between a service provider and a content provider, when said subscriber sends a 
request to said service provider to obtain data belonging to said content provider, the 
method comprising: 

upon reception of said subscriber request by said service provider for each new 
subscriber session: 

dynamically generating for each new session an encrypted token using 
said identifier of said subscriber, wherein a lifetime of the encrypted token is a 
user session lifetime, the generating using one of a symmetric and asymmetric 
encryption algorithm comprising: 

determining a separator (S); 
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determining a time varying value (T); 

concatenating the subscriber identifier with Tina string such that 
the subscriber identifier and T are separated with S; 

encrypting the string with one of a symmetric and asymmetric 
encryption algorithm; and, 

transmitting said subscriber request and said encrypted token to 
said content provider; 

upon reception by said service provider of a Simple Object Access 
Protocol (SOAP) certification request comprising an encrypted token, sent by 
said content provider: 

extracting said encrypted token from said SOAP certification request, 
wherein the encrypted token is in one of the SOAP body and a predefined SOAP 
header; 

decrypting said extracted encrypted token to d e t e rm i n e sa i d subscr i b e r 
i d e nt i f ie r using a decryption algorithm corresponding to the encryption algorithm; 

retrieving the subscriber identifier using the separator; 

checking said determined subscriber identifier; and, 

transmitting a success or failure indication to said content provider in a 
SOAP response to said certification request; 

upon reception of said data belonging to said content provider by said service 
provider, transmitting said data belonging to said content provider to said subscriber; 
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memorizing said encrypted token so that it can be reused during the user session 
lifetime without having to be recomputed : and 

formatting said data belonging to said content provider in a format suitable and 
usable by the subscriber . 

Allowable Subject Matter 

3. Claims 1, 2, 4, 8-10 are allowed. 

Conclusion 

4. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Nirav Patel whose telephone number is 571-272-5936. 
The examiner can normally be reached on 8 am - 4:30 pm (M-F). 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Kim Vu can be reached on 571-272-3859. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
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Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

NBP 
07/07/08 
/KimYen Vu/ 

Supervisory Patent Examiner, Art Unit 2135 



